<?php
namespace Sys\Controller;
use Todo\Controller\ApiController;

class RoleController extends ApiController {
    /**
     * 自定义查询条件
     * @param array &$where 丢生成的查询条件
     */
    protected function _filter(&$where){
        $keywords = I('request.keywords');
        if($keywords){
            $where['title'] = array('like', '%'.$keywords.'%');
        }
    }
    
    /**
     * 角色分配菜单
     */
    public function menu(){
        $id = I('post.id');
        if(!$id)  $this->apiError('非法请求!');
        $post = I('post.menu');
        $menus = '0';
        foreach ($post as $k=>$v){
            $menus .= ','. $v;
        }
        $model = M('');
        $sql = 'DELETE FROM sys_role_menu WHERE role_id = '. $id;
        $model->execute($sql);
        $sql = 'INSERT INTO sys_role_menu(role_id, menu_id) (SELECT '. $id. ',id FROM sys_menu WHERE id IN ('.$menus. '))';
        $model->execute($sql);
        $this->apiSuccess("授权成功!");
    }
}